Saturday, July 3, 2010

Bsqlbf-v2.6 Released

Blind Sql Injection Brute Forcer

This perl script allows extraction of data from Blind SQL Injections.It accepts custom SQL queries as a command line parameter and it works for both integer and string based injections.Databases supported: MS-SQL . MySQL . PostgreSQL . Oracle

The new addition is the execution of any metasploit payload after executing OS code against Oracle database server by exploiting SQL Injection from web apps.See video demo